Erro de autenticação de fluxo de trabalho do SharePoint 2013 401
https://sharepoint.stackexchange.com//questions/58772
-
10-12-2019 - |
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianPergunta
Estou tentando permitir que um fluxo de trabalho do SharePoint 2013 seja executado como um usuário normal (não como um administrador de conjunto de sites).
Ao iniciar o fluxo de trabalho ele falha imediatamente com o erro:
RequestorId": c0c2fcc9-abfb-6e2b-f229-68417fb5815c. Details: System.ApplicationException: HTTP 401 {"Transfer-Encoding":["chunked"],"X-SharePointHealthScore":["0"],"SPRequestGuid":["c0c2fcc9-abfb-6e2b-f229-68417fb5815c"],"request-id":["c0c2fcc9-abfb-6e2b-f229-68417fb5815c"],"X-FRAME-OPTIONS":["SAMEORIGIN"],"MicrosoftSharePointTeamServices":["15.0.0.4420"],"X-Content-Type-Options":["nosniff"],"X-MS-InvokeApp":["1; RequireReadOnly"],"Cache-Control":["max-age=0, private"],"Date":["Mon, 04 Feb 2013 15:55:21 GMT"],"Server":["Microsoft-IIS\/8.0"],"WWW-Authenticate":["NTLM"],"X-AspNet-Version":["4.0.30319"],"X-Powered-By":["ASP.NET"]} Der HTTP-Antwortinhalt konnte nicht gelesen werden. "Error while copying content to a stream.". bei Microsoft.Activities.Hosting.Runtime.Subroutine.SubroutineChild.Execute(CodeActivityContext context) bei System.Activities.CodeActivity.InternalExecute(ActivityInstance instance, ActivityExecutor executor, BookmarkManager bookmarkManager) bei
Nos logs do ULS posso encontrar o erro "Falha na verificação de permissão.pedindo 0x10000, tenho 0x2000000000", vindo de "Autorização de Autenticação", o que acho bastante estranho (quais permissões são 0x10000 etc.).
Quando defino o usuário que tenta executar o fluxo de trabalho como administrador do conjunto de sites, o fluxo de trabalho funciona sem problemas.
02.04.2013 16:24:43.64 w3wp.exe (0x1594) 0x0E04 SharePoint Foundation Authentication Authorization ag6al Medium OAuth app principal Name=i:0i.t|ms.sp.ext|21c57850-ff6e-4fb6-9aa4-201733bf3f18@6a9b095b-7157-4a94-96f2-a27dd438b36d, IsAppOnlyRequest=False, UserIdentityName=0#.w|testdomain\testoffice11, ClaimsCount=18 c0c2fcc9-abfb-6e2b-f229-68417fb5815c
02.04.2013 16:24:43.64 w3wp.exe (0x1594) 0x12E8 SharePoint Foundation CSOM agw10 Medium Begin CSOM Request ManagedThreadId=34, NativeThreadId=4840 c0c2fcc9-abfb-6e2b-f229-68417fb5815c
02.04.2013 16:24:43.66 w3wp.exe (0x1594) 0x12E8 SharePoint Foundation Logging Correlation Data xmnv Medium Site=/ c0c2fcc9-abfb-6e2b-f229-68417fb5815c
02.04.2013 16:24:43.66 w3wp.exe (0x1594) 0x12E8 SharePoint Foundation Authentication Authorization ag69m Medium TenantScopedPerm=0, AllowAppOnlyPolicy=False, AppId=i:0i.t|ms.sp.ext|21c57850-ff6e-4fb6-9aa4-201733bf3f18@6a9b095b-7157-4a94-96f2-a27dd438b36d. c0c2fcc9-abfb-6e2b-f229-68417fb5815c
02.04.2013 16:24:43.66 w3wp.exe (0x1594) 0x12E8 SharePoint Foundation Authentication Authorization ajmmu Medium Permission check failed. asking for 0x10000, have 0x2000000000 c0c2fcc9-abfb-6e2b-f229-68417fb5815c
02.04.2013 16:24:43.66 w3wp.exe (0x1594) 0x12E8 SharePoint Foundation General ftd0 Medium Access Denied. Exception: Es wurde versucht, einen nicht autorisierten Vorgang auszuführen., StackTrace: bei Microsoft.SharePoint.Utilities.SPUtility.HandleAccessDenied(Exception ex) bei Microsoft.SharePoint.SPSecurableObject.CheckPermissions(SPBasePermissions permissionMask) bei Microsoft.SharePoint.Client.SPClientServiceHost.OnBeginRequest() bei Microsoft.SharePoint.Client.Rest.RestService.ProcessQuery(Stream inputStream, IList`1 pendingDisposableContainer) bei Microsoft.SharePoint.Client.ClientRequestService.ProcessRestQuery(Stream inputStream) bei SyncInvokeProcessRestQuery(Object , Object[] , Object[] ) bei System.ServiceModel.Dispatcher.SyncMethodInvoker.Invoke(Object instance, Object[] inputs, Object[]& outputs) bei System.ServiceModel.Dispatcher.DispatchOperationRuntime.InvokeBegin(MessageRpc& rpc) bei System.ServiceModel.Dispatcher.ImmutableDispatchRuntime.ProcessMessage5(MessageRpc& rpc) bei System.ServiceModel.Dispatcher.ImmutableDispatchRuntime.ProcessMessage31(MessageRpc& rpc) bei System.ServiceModel.Dispatcher.MessageRpc.Process(Boolean isOperationContextSet) bei System.ServiceModel.Dispatcher.ChannelHandler.DispatchAndReleasePump(RequestContext request, Boolean cleanThread, OperationContext currentOperationContext) bei System.ServiceModel.Dispatcher.ChannelHandler.HandleRequest(RequestContext request, OperationContext currentOperationContext) bei System.ServiceModel.Dispatcher.ChannelHandler.AsyncMessagePump(IAsyncResult result) bei System.Runtime.Fx.AsyncThunk.UnhandledExceptionFrame(IAsyncResult result) bei System.Runtime.AsyncResult.Complete(Boolean completedSynchronously) bei System.Runtime.InputQueue`1.AsyncQueueReader.Set(Item item) bei System.Runtime.InputQueue`1.EnqueueAndDispatch(Item item, Boolean canDispatchOnThisThread) bei System.Runtime.InputQueue`1.EnqueueAndDispatch(T item, Action dequeuedCallback, Boolean canDispatchOnThisThread) bei System.ServiceModel.Channels.SingletonChannelAcceptor`3.Enqueue(QueueItemType item, Action dequeuedCallback, Boolean canDispatchOnThisThread) bei System.ServiceModel.Channels.HttpPipeline.EnqueueMessageAsyncResult.CompleteParseAndEnqueue(IAsyncResult result) bei System.ServiceModel.Channels.HttpPipeline.EnqueueMessageAsyncResult.HandleParseIncomingMessage(IAsyncResult result) bei System.Runtime.AsyncResult.SyncContinue(IAsyncResult result) bei System.ServiceModel.Channels.HttpPipeline.EmptyHttpPipeline.BeginProcessInboundRequest(ReplyChannelAcceptor replyChannelAcceptor, Action dequeuedCallback, AsyncCallback callback, Object state) bei System.ServiceModel.Channels.HttpChannelListener`1.HttpContextReceivedAsyncResult`1.ProcessHttpContextAsync() bei System.ServiceModel.Channels.HttpChannelListener`1.BeginHttpContextReceived(HttpRequestContext context, Action acceptorCallback, AsyncCallback callback, Object state) bei System.ServiceModel.Activation.HostedHttpTransportManager.HttpContextReceived(HostedHttpRequestAsyncResult result) bei System.ServiceModel.Activation.HostedHttpRequestAsyncResult.HandleRequest() bei System.ServiceModel.Activation.HostedHttpRequestAsyncResult.BeginRequest() bei System.ServiceModel.Activation.HostedHttpRequestAsyncResult.OnBeginRequest(Object state) bei System.ServiceModel.AspNetPartialTrustHelpers.PartialTrustInvoke(ContextCallback callback, Object state) bei System.ServiceModel.Activation.HostedHttpRequestAsyncResult.OnBeginRequestWithFlow(Object state) bei System.Runtime.IOThreadScheduler.ScheduledOverlapped.IOCallback(UInt32 errorCode, UInt32 numBytes, NativeOverlapped* nativeOverlapped) bei System.Runtime.Fx.IOCompletionThunk.UnhandledExceptionFrame(UInt32 error, UInt32 bytesRead, NativeOverlapped* nativeOverlapped) bei System.Threading._IOCompletionCallback.PerformIOCompletionCallback(UInt32 errorCode, UInt32 numBytes, NativeOverlapped* pOVERLAP) . c0c2fcc9-abfb-6e2b-f229-68417fb5815c
02.04.2013 16:24:43.66 w3wp.exe (0x1594) 0x12E8 SharePoint Foundation CSOM afxwb High System.UnauthorizedAccessException: Es wurde versucht, einen nicht autorisierten Vorgang auszuführen. bei Microsoft.SharePoint.Utilities.SPUtility.HandleAccessDenied(Exception ex) bei Microsoft.SharePoint.SPSecurableObject.CheckPermissions(SPBasePermissions permissionMask) bei Microsoft.SharePoint.Client.SPClientServiceHost.OnBeginRequest() bei Microsoft.SharePoint.Client.Rest.RestService.ProcessQuery(Stream inputStream, IList`1 pendingDisposableContainer) c0c2fcc9-abfb-6e2b-f229-68417fb5815c
02.04.2013 16:24:43.66 w3wp.exe (0x1594) 0x12E8 SharePoint Foundation CSOM agmjp High Original error: System.UnauthorizedAccessException: Es wurde versucht, einen nicht autorisierten Vorgang auszuführen. bei Microsoft.SharePoint.Utilities.SPUtility.HandleAccessDenied(Exception ex) bei Microsoft.SharePoint.SPSecurableObject.CheckPermissions(SPBasePermissions permissionMask) bei Microsoft.SharePoint.Client.SPClientServiceHost.OnBeginRequest() bei Microsoft.SharePoint.Client.Rest.RestService.ProcessQuery(Stream inputStream, IList`1 pendingDisposableContainer) c0c2fcc9-abfb-6e2b-f229-68417fb5815c
02.04.2013 16:24:43.66 w3wp.exe (0x1594) 0x12E8 SharePoint Portal Server Microfeeds aizmo Medium SocialRESTExceptionProcessingHandler.DoServerExceptionProcessing - SharePoint Server Exception [System.UnauthorizedAccessException: Es wurde versucht, einen nicht autorisierten Vorgang auszuführen. bei Microsoft.SharePoint.Utilities.SPUtility.HandleAccessDenied(Exception ex) bei Microsoft.SharePoint.SPSecurableObject.CheckPermissions(SPBasePermissions permissionMask) bei Microsoft.SharePoint.Client.SPClientServiceHost.OnBeginRequest() bei Microsoft.SharePoint.Client.Rest.RestService.ProcessQuery(Stream inputStream, IList`1 pendingDisposableContainer)] c0c2fcc9-abfb-6e2b-f229-68417fb5815c
Tentei dar ao usuário que tenta executar o fluxo de trabalho permissões de proprietário do site, leitor do site ou colaborador do site - em todos os casos, o fluxo de trabalho falha.Somente um administrador do conjunto de sites (o usuário ou outro administrador) pode iniciar um fluxo de trabalho.
Editar:Eu olhei para o SPBasePermissions.O erro está realmente dizendo "Falha na verificação de permissão.pedindo "Abrir", tenha "UseRemoteAPIs"".
Solução
O problema estava relacionado à UO em que os usuários estavam.
Minha UO principal estava em DOMAIN > MainOU > SubOU - nessa UO estão todos os meus grupos e usuários do SharePoint.Vamos pegar o "Usuários do SharePoint" group como um exemplo nessa UO.Possui permissões para contribuir no SharePoint.
Agora eu tinha uma UO diferente em DOMAIN > DifferentOU para usuários de teste.Dei permissões a esses usuários de teste no SharePoint, colocando-os também no Usuários do SharePoint grupo.
Isto é o que estava causando o problema:
Ao adicionar usuários na mesma ramificação do AD (mesma UO), está tudo bem.Mas quando os usuários vêm de uma ramificação paralela diferente (OU diferente), de alguma forma a segurança não funciona e recebo a referida mensagem de erro.
Para resolver o problema bastou executar a Sincronização de Perfil de Usuário.
Licenciado em: CC-BY-SA com atribuição
Não afiliado a sharepoint.stackexchange
